[Touch-packages] [Bug 2040384] Re: Merge heimdal from Debian unstable for noble

[Gianfranco Costamagna]

** Changed in: heimdal (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to heimdal in Ubuntu.
https://bugs.launchpad.net/bugs/2040384

Title:
  Merge heimdal from Debian unstable for noble

Status in heimdal package in Ubuntu:
  Fix Released

Bug description:
  Upstream: tbd
  Debian:   7.8.git20221117.28daf24+dfsg-3    
  Ubuntu:   7.8.git20221117.28daf24+dfsg-3ubuntu1


  Debian does new releases regularly, so it's likely there will be newer
  versions available before FF that we can pick up if this merge is done
  later in the cycle.

  If it turns out this needs a sync rather than a merge, please change
  the tag 'needs-merge' to 'needs-sync', and (optionally) update the
  title as desired.

  
  ### New Debian Changes ###

  heimdal (7.8.git20221117.28daf24+dfsg-3) unstable; urgency=medium

    * Fix random 'Ticket expired' and 'Clock skew too great' errors by setting
      kdc_offset correctly. Closes: #1039992.

   -- Brian May <b...@debian.org>  Tue, 04 Jul 2023 10:09:56 +1000

  heimdal (7.8.git20221117.28daf24+dfsg-2) unstable; urgency=medium

    * Fix incorrect license of Debian files.
    * Fix deprecated dependancies.
    * gsskrb5: fix accidental logic inversions (CVE-2022-45142)
      (Closes: #1030849) - change applied from NMU version
      7.8.git20221117.28daf24+dfsg-1.1
    * Add ro.po file. Closes: #1031897.

   -- Brian May <b...@debian.org>  Sat, 25 Feb 2023 09:32:57 +1100

  heimdal (7.8.git20221117.28daf24+dfsg-1) unstable; urgency=medium

    * New upstream release.

   -- Brian May <b...@debian.org>  Sat, 10 Dec 2022 16:29:20 +1100

  heimdal (7.8.git20221115.a6cf945+dfsg-3) unstable; urgency=medium

    * Source-only upload to enable migration to testingi (2nd attempt).

   -- Brian May <b...@debian.org>  Sun, 04 Dec 2022 09:56:06 +1100

  heimdal (7.8.git20221115.a6cf945+dfsg-2) unstable; urgency=medium

    * Source-only upload to enable migration to testing.

   -- Brian May <b...@debian.org>  Sun, 04 Dec 2022 09:09:44 +1100

  heimdal (7.8.git20221115.a6cf945+dfsg-1) unstable; urgency=medium

    * New upstream version.
    * Numerous security fixes (Closes: #1024187).
    * asn1: Invalid free in ASN.1 codec (CVE-2022-44640)
    * krb5: PAC parse integer overflows (CVE-2022-42898)
    * gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437)
    * gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437)
    * gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap
      (CVE-2022-3437)
    * gsskrb5: Avoid undefined behaviour in _gssapi_verify_pad()
      (CVE-2022-3437)
    * gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437)
    * gsskrb5: Check buffer length against overflow for DES{,3} unwrap
      (CVE-2022-3437)
    * gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437)
    * gsskrb5: Pass correct length to _gssapi_verify_pad() (CVE-2022-3437)
    * libhx509: Fix denial of service vulnerability (CVE-2022-41916)
    * spnego: send_reject when no mech selected (CVE-2021-44758)
    * Fix regression in _krb5_get_int64 on 32 bit systems.
      https://github.com/heimdal/heimdal/pull/1025
    * Increment soname for libroken.
    * Increment soname for libhcrypto.
    * Remove legacy shared library version requirements.
    * Add symbols to libkadm5srv8.

   -- Brian May <b...@debian.org>  Sun, 27 Nov 2022 10:44:26 +1100

  heimdal (7.7.0+dfsg-6) unstable; urgency=medium

    * Retry deleting dangling windc.so again. Closes: #857215.
    * Create /var/lib/heimdal-kdc/m-key not /var/lib/heimdal-kdc/heimdal.mkey.
      Closes: #964008.
    * Disable use of -rpath in krb5-config.heimdal. Closes: #868840.

   -- Brian May <b...@debian.org>  Mon, 05 Sep 2022 08:35:33 +1000

  heimdal (7.7.0+dfsg-5) unstable; urgency=medium

    * Fix missing closefrom symbol. Closes: #1016884, #1017244.
    * Fix spelling of dependency in changelog.
    * Fix override_dh_fixperms typo, use 700 for /var/lib/heimdal-kdc/
    * Remove default --parallel from dh call.
    * Remove unused debian/upstream/signing-key.asc key.
    * Fix Multi-Arch headers. heimdal-multidev is not co-installable, so
      heimdal-dev cannot be co-installable either.

   -- Brian May <b...@debian.org>  Fri, 02 Sep 2022 07:59:59 +1000

  heimdal (7.7.0+dfsg-4) unstable; urgency=medium

    * Delete dependency on install-info. Closes: #1013735.
    * Non-maintainer upload.
    * Reduce Build-Depends: (Closes: #980531)
      + Drop unused libhesiod-dev.
      + Drop unused libperl4-corelibs-perl as cf/make-proto.pl no longer uses
        it.
      + Drop unused libx11-dev, libxau-dev, libxt-dev, ss-dev, and
        x11proto-core-dev.
      + Clean generated C tables to actually rebuild them using python3.

   -- Brian May <b...@debian.org>  Mon, 27 Jun 2022 10:36:10 +1000

  heimdal (7.7.0+dfsg-3) unstable; urgency=high


  ### Old Ubuntu Delta ###

  heimdal (7.8.git20221117.28daf24+dfsg-3ubuntu1) mantic; urgency=medium

    * Merge from Debian unstable. Remaining changes:
      - d/rules: Disable lto, to regain dep on roken, otherwise
        dependencies on amd64 are different than i386 resulting in
        different files on amd64 and i386.

   -- Steve Langasek <steve.langa...@ubuntu.com>  Tue, 18 Jul 2023
  09:23:55 -0700

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/2040384/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp